Security

HSPharmacy is compliant with the Payment Card Industry Data Security Standards (PCI DSS), which is the internationally recognised standard of best practice in processing and storing payment card data. We are registered in compliance with the Data Protection Act, Registration No. Z1472082.

Key Security Measures

In order to gain and maintain compliance with PCI DSS, HSPharmacy must adhere to stringent policies and procedures that ensure the highest possible level of data and physical security. Every month this security is tested by security experts approved by MasterCard and Visa who attempt to penetrate our defences with all know attacks and report back to us the results of their efforts so we can continually upgrade our security. Over nearly 10 years of internet trading, we have had no reports of any customer using a credit or debit card to purchase at HSPharmacy and subsequent acts of fraud being committed having used details illegally obtained via our site.

The sections below describe some of the main elements of our security efforts:

  • All HSPharmacy staff who have access to important data are criminal record checked, and their access to and use of your data is continually monitored and auditable.
  • Our IT systems are protected by fire walls, have the latest security updates, are not directly accessible from the internet and monitored constantly.
  • All sensitive data (including payment card data and email addresses) are encrypted to industry best practice standards when we store it. Certain data will never be stored such as the security strip number from the back of your payment card.
  • All our web pages where you provide us with data use SSL (Secure Socket Layer) 128bit encryption to read and write data from our databases. The SSL certificate is independently issued by Geotrust and is your guarantee of security and authentication of our company.
  • Information sent within our company network systems is separately encrypted using VPNs and additional message encryption.
  • Our database servers are held in a purposely designed and highly secure vault location using advanced code and fingerprint identification controlled access. There is 24 hour security and CCTV monitoring.